Access control in the Internet of Things: a survey of existing approaches and open research questions

Abstract The Internet of Things operates in a personal-data-rich sector, which makes security and privacy an increasing concern for consumers. Access control is thus a vital issue to ensure trust in the IoT. Several access control models are today available, each of them coming with various features, making them more or less suitable for the IoT. This article provides a comprehensive survey of these different models, focused both on access control models (e.g., DAC, MAC, RBAC, ABAC) and on access control architectures and protocols (e.g., SAML and XACML, OAuth 2.0, ACE, UMA, LMW2M, AllJoyn). The suitability of each model or framework for IoT is discussed. In conclusion, we provide future directions for research on access control for the IoT: scalability, heterogeneity, openness and flexibility, identity of objects, personal data handling, dynamic access control policies, and usable security.

Abstract With the popularity of Internet of Things (IoT) and cloud computing technologies, mobile healthcare (mHealth) can offer remote, accurate, and effective medical services for patients according to their personal health records (PHRs). However, data security and efficient access of the PHR should be addressed. Attribute-based encryption (ABE) is regarded as a well-received cryptographic mechanism to simultaneously realize fine-grained access control and data confidentiality in mHealth. Nevertheless, existing works are either constructed in the single-authority setting which may be a performance bottleneck, or lack of efficient user decryption. In this paper, we propose SEMAAC, a secure and efficient multi-authority access control system for IoT-enabled mHealth. In SEMAAC, there are multiple independently worked attribute authorities (AAs). A new entity could be an AA without re-building the system. To reduce the user decryption overhead, most decryption is executed in cloud server, which whereafter returns a partial decryption ciphertext (PDC). The AAs can help the user to check if the PDC is correctly computed. Additionally, a restricted user can delegate his/her key to someone to outsource the decryption and check the returned result, without exposing the plaintext PHR file. The proposed SEMAAC is proved to be adaptively secure in the standard model. The numerical analysis and extensive experiments illustrate the efficiency and advantage of our scheme.

Abstract Attribute-based encryption, especially ciphertext-policy attribute-based encryption, plays an important role in the data sharing. In the process of data sharing, the secret key does not contain the specific information of users, who may share his secret key with other users for benefits without being discovered. In addition, the attribute authority can generate the secret key from any attribute set. If the secret key is abused, it is difficult to judge whether the abused private key comes from users or the attribute authority. Besides, the access control structure usually leaks sensitive information in a distributed network, and the efficiency of attribute-based encryption is a bottleneck of its applications. Fortunately, blockchain technology can guarantee the integrity and non-repudiation of data. In view of the above issues, an efficient and privacy-preserving traceable attribute-based encryption scheme is proposed. In the proposed scheme, blockchain technologies are used to guarantee both integrity and non-repudiation of data, and the ciphertext can be quickly generated by using the pre-encryption technology. Moreover, attributes are hidden in anonymous access control structures by using the attribute bloom filter. When a secret key is abused, the source of the abused secret key can be audited. Security and performance analysis show that the proposed scheme is secure and efficient.

Abstract The development of Internet of things (IoT) makes data exchange more frequently, and the cloud computing can provide stable storage and efficient computation for data users. To ensure the security and functionality of data, the efficiency of decryption and keyword search should be taken into consideration in resource-constrained IoT scenarios. In order to solve the above problems, a flexible keyword search scheme in IoT is proposed over encrypted data with outsourced decryption. First, the attribute-based encryption technology is applied, by which only users whose attributes meet the access control structure can access the sharing data. Second, the reciprocal mapping of Lagrange polynomials technology is employed to implement keyword search in a large number of ciphertext data. Third, the decryption of ciphertext is outsourced to improve the efficiency of decryption on the client side. The security and performance analysis indicates that the proposed scheme is secure and efficient.

Abstract In the past few years, internet of things has been explored in medical area to achieve high efficiency and accuracy in the medical treatment and management. One of the most powerful technologies called the medical Internet of Things (mIoT), is underpinned by the considerable computational ability of cloud and the efficient data collection of medical sensors. As the data is transmitted over open network, security remains a paramount concern in mIoT. Encryption techniques may help to protect patient privacy, but they limit the future retrieval of the encrypted data. To uplift this limitation, public key encryption with keyword search (PEKS) has been introduced. However, most of the existing PEKS schemes are based on public key infrastructure or identity-based cryptography, which suffers from the certificate management issue and key escrow problem in system deployment, respectively. Moreover, inside keyword guessing attack seems to become a severe issue to violate privacy in data search. To address these issues, we present a certificateless searchable public key authenticated encryption scheme with designated tester (CL-dPAEKS), which, we believe, is suitable for cloud-assisted mIoT. We prove that our scheme can resist various types of attacks, and it is more secure than other schemes that built on certificateless cryptography, without significant loss in efficiency.

Certificateless public key encryption with conjunctive keyword search and its application to cloud-based reliable smart grid system

Erneste Uwizeye1, Jiye Wang2, Zhihua Cheng2, Fagen Li1

(1) Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, People’s Republic of China
(2) State Grid Corporation of China, Beijing, People’s Republic of China

Abstract A public key encryption scheme with conjunctive keyword search allows a semi-trusted third party (or a cloud server) to search over an encrypted data after receiving a trapdoor generated from a conjunctive keyword set. Assume that a sender sends a number of data to a receiver and those data are all stored in the same cloud server. Normally, if the receiver uses one keyword or separate keywords to look for through hundreds of data, it might get in return a huge number of associated data and most of them are unwanted. In this paper, we design a new certificateless public key encryption scheme with conjunctive keyword search, which only returns the desired data. We also prove that the designed scheme is secure against adaptive chosen keyword attacks in the random oracle model under bilinear Diffie-Hellman (BDH) problem assumption. Experimental results show that our scheme has better performance during the testing phase and has a lower communication cost than two related schemes. The comparison about security properties also shows that our scheme is more secure than them. Finally, we give an application example of our scheme in a cloud-based reliable smart grid system.

Abstract As a small-sized database engine, SQLite is widely used in embedded devices, such as mobile phones and PDAs. Large amounts of sensitive personal data are stored in SQLite. Any unintentional data deletion or unexpected device damage can cause considerable loss to the owners of the data. Therefore, in these cases, it is necessary to be able to recover and extract SQLite data records from the flash memory of portable devices. However, most existing SQLite recovery studies take the database file as the research subject, while it is not possible to acquire an intact database file when the flash memory controller is damaged. This paper presents a new method to recover SQLite data records from fragmented flash pages. Instead of investigating the whole *.db file or the journal file, the suggested method focuses on the analysis of B-Tree leaf page structure, which is the basic storage unit, to locate and extract existing and deleted data records based on the structures of the page header and cells in the leaf page, and then uses the SQLite_master structure to translate hex data records into meaningful SQLite tables. The experimental results show that this new method is effective regardless of which file system is used.

Abstract While data deduplication is an important data compression technique that removes copies of repeated data to enhance storage utilization, security and privacy risks arise since sensitive or delicate user data are at risk to both insider and outsider attacks. A distinct negative factor to performance of the technique is data fragmentation, which not only slows down the restoration process but also leads to massive power consumption. In this paper, we address this problem from the perspective of data layout. The kernel point of our method is a novel RAID-5-based cross grouping data layout (CGDL). We introduce a selective deduplication algorithm (SDD) to perform data replication and restoration. A new CGDL-based disk scheduling algorithm (LDP) is also proposed that predicts location dependence to save energy by eliminating the redundant disk read/write operations. We evaluate our new method on the Linux MD (multiple device) driver modules. The experiments show that, under a 10 disks 3 groups storage configuration, our method drastically (by 20%) improves restoration efficiency with only 7.6% reduction on the deduplication ratio, while reducing 23% power consumption.

Abstract Network traffic classification is an enabling technique for network security and management for both traditional networks and emerging networks such as Internet of Things. Due to the decreasing effectiveness of traditional port-based and payload-based methods, lots of research attentions are devoted to an alternative approach based on flow and packet-level traffic characteristics. A variety of statistical classification schemes are proposed in this context, but most of them embody an implicit assumption that all protocols are known in advance and well presented in the training data. This assumption is unrealistic because real-world networks constantly witness emerging traffic patterns and protocols that are previously unknown. In this paper, we revisit the problem by proposing a learning scheme with unknown pattern extraction for statistical protocol identification. The scheme is designed with a more realistic setting, in which we assume that the training data only consists of labeled samples from a limited number of protocols, and the goal is to identify these known patterns out of arbitrary traffic mixture of both known and unknown protocols. Our experiments based on real-world traffic show that the proposed scheme outperforms previous approaches by accurately identifying both known and unknown protocols.

Abstract Data streaming is widely used in various environments. Resource-limited devices outsource the processing and storage of massive numbers of sequential elements to cloud-based servers, and security protection is of primary importance for the outsourced streams. The streaming authenticated data structure schemes and verifiable data streaming schemes are introduced to provide data owners and verifiers with the ability to verify streaming elements. However, due to their enormous numbers of key parameters, expensive updating overheads, signature revocation, and other security and application problems, few of the existing schemes are feasible when massive numbers of streaming elements are involved and allowed to be updated. In this paper, we define and construct a new primitive, namely, dimension-increasing vector commitment (DIVC). Then, we present the definition of constant verifiable data streaming (CVDS), which is an extension of the original verifiable data streaming (VDS) scheme. Moreover, with the proposed DIVC scheme, which is based on the CDH assumption in bilinear pairings, we construct two concrete CVDS schemes, namely, the probabilistic verifiability CVDS (P-CVDS) scheme and the deterministic verifiability CVDS (D-CVDS) scheme, by respectively employing the counting Bloom filter and a dynamic accumulator, which is based on the q-SDH assumption in bilinear pairings. The analyses prove that both the P-CVDS and D-CVDS schemes satisfy the security requirements that are formulated in the CVDS definition. Finally, the efficiency and performance evaluation demonstrate that the proposed schemes are feasible in practical applications.

On the rewards of self-adaptive IoT honeypots

Adrian Pauna1, Ion Bica1, Florin Pop2,3, Aniello Castiglione4

(1) Faculty of Military Electronic and Information Systems, Military Technical Academy, Bucharest, Romania
(2) Faculty of Automatic Control and Computers, “Politehnica” University of Bucharest, Bucharest, Romania
(3) National Institute for Research and Development in Informatics (ICI), Bucharest, Romania
(4) Department of Computer Science, University of Salerno, Fisciano, Italy

Abstract In an era of fully digitally interconnected people and machines, IoT devices become a real target for attackers. Recent incidents such as the well-known Mirai botnet, have shown that the risks incurred are huge and therefore a risk assessment is mandatory. In this paper we present a novel approach on collecting relevant data about IoT attacks. We detail a SSH/Telnet honeypot system that leverages reinforcement learning algorithms in order to interact with the attackers, and we present the results obtained in view of defining optimal reward functions to be used. One of the key issues regarding the performance of such algorithms is the direct dependence on the reward functions used. The main outcome of our study is a full implementation of an IoT honeypot system that leverages Apprenticeship Learning using Inverse Reinforcement Learning, in order to generate best suited reward functions.

School of Computer and Information Engineering, Beijing Technology and Business University, Beijing, China

Abstract With the rapid development of 4G/5G technology and the Internet of Things (IoT), data security and privacy problems are becoming more serious. Wireless sensor networks (WSNs), as the main data source of IoT, are an important stage to ensure data availability and data privacy protection. In this paper, a novel deployment algorithm for 3D WSNs based on the Voronoi diagram is proposed. The algorithm uses the characteristics of adjacency and fast partition of the Voronoi diagram to realize fast division of the 3D monitoring area, calculates the center of each Voronoi area as the latest position of node, repeatedly builds the Voronoi diagram to maximize the coverage of the monitoring area, and maximizes the availability and integrity of data. At the same time, the 4G/5G communication technology is used to realize communication between nodes, and data encryption is used to improve data security. An improved algorithm is also proposed to adapt to different deployment conditions. In this paper, data and privacy security are protected from data sources, and the effectiveness of the algorithm is tested by computer simulation.

Lattice-based dynamic group signature for anonymous authentication in IoT

Run Xie1, Chanlian He2, Chunxiang Xu3, Chongzhi Gao4

(1) School of MathematicalYibin University, Yibin, China
(2) School of Computer and Information Engineering, Yibin University, Yibin, China
(3) School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China
(4) School of Computer Science, Guangzhou University, Guangzhou, China

Abstract Anonymous authentication is one of the most critical tools for the privacy protection in Internet-of-Things (IoT). The primitive of group signature has been widely applied to achieving anonymous authentication. Any mobile device is able to prove its privilege of the access control to a remote server which is an authenticated device with valid attestation. However, the traditional group signature schemes cannot support dynamic authentication efficiently. Furthermore, they are insecure against quantum attack. To tackle the abovementioned challenges, a new lattice-based dynamic group signature scheme is proposed. The new scheme allows any user to dynamically join the group while achieving efficient revocation. Furthermore, it is shown that the new scheme can achieve the security of non-frameability. The security of non-frameability guarantees that any user’s signature can not be forged by other users in the system. In addition, the scheme based on the hardness of lattice problem in the random oracle model is provably secure. The efficiency analysis demonstrates that the scheme is effective in practice.